I couldn't find a pre-built version on tinderbox, tough luck. Do you have a Live-CD or are you stuck with no working system, no Live-CD and no CD burning hardware (which would be the prediction based on Murphy's Law)?

If you have a Live-CD, you can boot it, fetch some stage3 and portage tarballs, chroot into a basic gentoo env and emerge libselinux with --buildpkgonly. That will generate you a tbz2 file which you can then unpack in your Gentoo install.

If you have to ask, I would guess that you don't. What is the purpose of the system in question? If it's an ordinary PC that doesn't store highly classified documents about the government's involvement in UFO-related abductions (or any such things that must not be accessed by anyone), you probably might be able to live without SElinux.

However there must have been a reason why you went through the trouble of installing it in the first place.

To be honest, I don't even know when I would have put it on, selinux is in my use flags to my surprise.
I have quite a few gentoo boxes, and this one is a much older installation than the others.
I do do quite a bit of experimenting with gentoo on it.

and it worked...
however
It added more than selinux
deleted my fstab
removed /sbin/udevtrigger
something with eth0 -not fixed yet
removed user avahi and haldaemon and my user
removed grp netdev and plugdev
and I can't login as root or anything else, but at lease it is fixable from here. !!!!!

emerge eselect
eselect profile list
...
eselect profile set 6 # let's use the selinux/2007.0/x86 profile so portage does not complain, on my rig, it's profile [6]
emerge -pvt libselinux # this tells us that sys-libs/libsepol is a dependency we need
emerge libsepol

# we now have everything we need to build libselinux

emerge --buildpkgonly libselinux

Did it work? Hit Ctrl+D to get out of the chroot. Now look inside /mnt/realroot/mnt/fakeroot/usr/portage/packages.

sys-libs/libselinux-1.34.14.tbz2 should be there! That is your libselinux binary! Uncompress that into /mnt/realroot!

Now, chroot again, this time into your real root.

Code:

chroot /mnt/realroot /bin/bash
env-update
source /etc/profile

You can now try to fix your system up. Set a password for root ("passwd root"), create needed users etc.

I suggest that you do an "emerge -pvte system". You do not have to run this without --pretend right now, but look at the output, maybe it tells you something worth knowing. If you have the time, proceed with "emerge -e system" now. Otherwise, try to reboot without the Live CD.

Posted: Tue Aug 23, 2011 11:45 pm Post subject: SELinux will b0rk you system thru! Have backup from now on!

zyko wrote:

...
Sorry again for being unspecific before!

No! You were specific enough! 4est panicked and got confused.
Happens to all of us at times.
Well, who on earth need to be talking nice anymore about this stupid SELinux program!
I got into similar trouble as the 4est's above.
God! Thank you for me having backed up my system, and for the sake of poor people not knowing how to properly back their system up, I think the best advice to say here is, as follows!

Firstly
Don't ever think about coming any closer than the word itself to SELinux. There is hardly anywhere a program so stupid and so hard to understand, let alone to put to truly good use as SELinux is (well maybe Billy and the Gang still have worse than that... hardly anyone else in the world).

Secondly
My mere unmerging

Code:

# emerge -C sys-libs/libselinux

got my box into a state, as can be understood from the post above, and from many other posts in the forum, but not from SELinux Gentoo docs, and I am not publicly writing what my suspicion is, will just say, a shame, and that is an understatement...
...into a state of irreparable b0rkedness, and will do the same to anyone else probably, so this is just an afterthought:
Have a backup!

Have a backup of your system! Have a separate partition where you keep your ordinary user data, but have a backup of your system devices with, well, I've been using, I can tell from memory as I have been using it for years and it just... I don't remember that it ever didn't work... just works!

and so on...
Of course, I forgot to say upfront, from liveCD, or SystemRescueCD! And it mustn't be mounted.
Once something like SELinux b0rks your system completely (though you will agree that few other things in the Linux world are as stupid as SELinux, truly few... pls. understand, I support Hardened Linux, just not SELinux. I am installing Brad Spengler's grsecurity onto my box right when I get it into the day before yesterday's state from backup!)
And so, once something like SELinux b0rks your system thru, the stowed away backup files can be, again from LiveCD or somesuch, be restored, to the bit, to the very single bit, restored into your precious system devices with:
(Note. If the sytem_partition_1 is large, you will get a few of these:

That's not too much to understand!
And there's always the chance of people promoting stupid things for stinking reasons...
Patriot Act is probably better for free speech and freedom in the U.S.A. than NSA's SELinux is for the Linux community. Stay clear! Stay clear from it!
(And to think that in all these years, noone dared to put a clear warning somewhere visible and findable about the risk of installing SELinux, somewhere close enough to things that people read when they decide on Hardened Linux? Again, I'll be installing Pax and grsecurity, and reinstalling hardened-sources, the odd one out is only SELinux!)

((Because it's the same stupid unmerging of libselinux that b0rked my box! The same that ruined 4est's more three years ago and God knows how many other people's boxes in the meantime, in all the three years of this period of time! Jesus, save us!))